From: alecm <svn...@pl...> - 2006-08-31 07:41:00
|
Author: alecm Date: Thu Aug 31 07:40:55 2006 New Revision: 10715 Added: CMFPlone/branches/2.5/www/portrait_fix.dtml Log: Forgot that nasty dtml Added: CMFPlone/branches/2.5/www/portrait_fix.dtml ============================================================================== --- (empty file) +++ CMFPlone/branches/2.5/www/portrait_fix.dtml Thu Aug 31 07:40:55 2006 @@ -0,0 +1,53 @@ +<dtml-var manage_page_header> +<dtml-var manage_tabs> + +<p>This is a simple tool for purging members who have uploaded non-image files +as their member portraits in an attempted cross site scripting attack. The +issue which allowed such portraits to be uploaded has been resolved, and this +tool should remove any existing members who have attempted to exploint this +issue. +</p> + +<hr /> +<dtml-if search_for_bad_members> + <dtml-let ids="getBadMembers()"> + <dtml-if ids> + <p>Found <dtml-var "len(ids)"> bad members</p> + <form name="purge_bad_members" + method="POST" + action="manage_portrait_fix"> + <ul> + <dtml-in ids> + <li><dtml-var sequence-item></li> + <input type="hidden" + name="member_ids:list" + value="&dtml-sequence-item;"/> + </dtml-in> + </ul> + <input type="checkbox" + name="delete_memberareas:bool" + checked="true">Delete member areas + <br /> + <input type="submit" + name="purge_bad_members" + value="Remove These Members" /> + </form> + <dtml-else> + <p>No bad members found</p> + </dtml-if> + </dtml-let> +<dtml-elif purge_bad_members> + + <dtml-let deleted="deleteMembers(member_ids, REQUEST.get('delete_memberareas', False))"> + <dtml-call "portal_memberdata.pruneMemberDataContents()"> + <p>Deleted <dtml-var "len(deleted)"> bad members</p> + </dtml-let> +<dtml-else> + <form name="get_bad_members" + method="POST" + action="manage_portrait_fix"> + + <input type="submit" name="search_for_bad_members" + value="Find Bad Members" /> + </form> +</dtml-if> \ No newline at end of file |